03-14-2021 07:23 PM
Hi everyone,
Good day and hope you guys doing well.
I want to ask if I could use any 3rd party authentication services such as Okta for accessing Hyland OnBase application, I'm planning to use SSO as an authentication service from Okta. Is this possible or is there any sample code that I could try to make this work?
P.S. I am new in the Hyland community.
Hope some one answer this question.
Kind regards,
Alvin Quezon
03-15-2021 06:31 AM
Hi Alvin.
Yes we support Okta. You can use any third party authentication provider which supports SAML.
Below is an example of the Hyland IDP configuration from the idpconfig.json I use for my Okta provided. Keep in mind that there are likely nuances. There are different configurations here which I'm not accounting for like certificates and/or alternate attribute mappings.
{ "Type": 3, "Name": "okta", "Id": "3a488937-691e-4f83-b984-947d97384af6", "Settings": { "IdentityProvider": "http://www.okta.com/1234asdfjn6K5C8UJ0h7", "ExternalIdPMetadataLocation": "https://dev-859934.oktapreview.com/app/1234asdfjn6K5C8UJ0h7/sso/saml/metadata", "SecuritySettings": { "EncryptionCertificatePath": "", "SigningCertificatePath": "", "SigningAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256", "WantAssertionsSigned": false, "MinimumIncomingSigningAlgorithm": "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" }, "BindingsSettings": { "AuthenticationRequestBinding": 2, "AssertionBinding": 2 }, "UserAttributeMapping": { "username": "oktaEmail", "email": "oktaEmail", "realName": "oktaFullname", "group": "oktaADGroups" }, "StripDomainFromUsername": false, "UserProvisioningEnabled": true } }
Take care.
02-08-2023 01:51 PM
What was the ACS URL you provided to Okta? The MRG does not reference what this is.
02-13-2023 06:47 AM
Hi
You would need to get that from the metadata for the SAML provider from the Hyland IDP. This will vary depending on the version of the Hyland IDP used, however with the latest version (i.e. 3.0 and higher), you can either reference the URL to the metadata or download it from the Provider within the Hyland IDP Admin Console.
Take care.
Find what you came for
We want to make your experience in Hyland Connect as valuable as possible, so we put together some helpful links.